sudo --non-interactive -u debian-tor tor --verify-config
Could you please confirm that sudo --non-interactive -u debian-tor tor --verify-config will exit non-zero (1)? (echo $?)
Could you please confirm, that Tor is actually running? sudo systemctl status tor@default
And Tor is also functional, connectivity is working?
In that case, it looks like a bug in tor --verify-config.
Tor’s systemd unit /lib/systemd/system/tor@default.services used to run tor --verify-config, but apparently no longer doing so in Debian stretch.
It seems like tor --verify-config seems to report missing Tor .d config folder as an error while Tor itself does not. This I would consider a bug. If that is true, could you report a bug against Tor please?
After running anon-connection-wizard, checked with sudo --non-interactive -u debian-tor tor --verify-config; echo "exit code $?"
It returns exit 0.
Dec 31 17:00:30.156 [notice] Tor 0.3.1.9 (git-df96a13e9155c7bf) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma 5.2.2, and Libzstd 1.1.2.
Dec 31 17:00:30.156 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at Tor Project | Download
Dec 31 17:00:30.157 [notice] Read configuration file “/etc/tor/torrc”.
Configuration was valid
exit code 0
Restarting tor is OK, everything is functional, but whonixcheck is still complaining.
If we comment out the line %include /etc/tor/torrc.d in /etc/torrc, then whonixcheck runs without tor warning.
Alright, so I think it’s an tor --verify-config bug.
Shall I disable this check in whonixcheck or we just make sure that folder exists in next upgrade (Whonix 14 of course, another iteration, package upgrade can be very soon).
I think it would be better to create the folder in the, or a package instead of disabling the check, because other things might get wrong in /etc/tot/torrc, user tampering being one.
Hi @troubadour ! I know that Whonix has been using guimessage module to do the translation, but I just learned a more standard and widely used way to do this is using gettext. Do you know if there was any concern that makes us use guimessage instead of gettext?
No there was no concern about gettext. When we started to get rid of the hard coded messages in the scripts, we found that solution (the gui-message script was written by nrgaway).
Later, I have been in touch with the people at translatewiki. They told me that yaml files solution was not standard and that we would run into problems sooner or later. I do not remember the exact content of the conversation, but at the end they did recommend gettext. I had no time to dig into it.
I got the complain again when the VM is started however when I tried the following command line, it seems there is nothing wrong with the Tor configuration.
user@host:~$ sudo --non-interactive -u debian-tor tor --verify-config
Jan 03 18:50:17.363 [notice] Tor 0.3.1.9 (git-df96a13e9155c7bf) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma 5.2.2, and Libzstd 1.1.2.
Jan 03 18:50:17.363 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jan 03 18:50:17.363 [notice] Read configuration file "/etc/tor/torrc".
Configuration was valid
user@host:~$ echo $?
0
user@host:~$ sudo systemctl status tor@default
● tor@default.service - Anonymizing overlay network for TCP
Loaded: loaded (/lib/systemd/system/tor@default.service; static; vendor preset: enabled)
Drop-In: /lib/systemd/system/tor@default.service.d
└─30_qubes.conf, 40_obfs4proxy-workaround.conf, 40_qubes.conf
Active: active (running) since Wed 2018-01-03 18:49:16 UTC; 1min 29s ago
Process: 961 ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config (
Process: 929 ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor (code=exited, status=0/SUCCESS)
Main PID: 995 (tor)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/system-tor.slice/tor@default.service
└─995 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
Since whonix-repository-wizard gets merged into whonix-repository package, could you please also remove whonix-repository-wizard from whonix-setup-wizard?